Yahoo has become the world's poster child for the short-term business perils of suffering a massive data breach. Last week, Verizon's general counsel warned that the breach might constitute a "material impact" that gives Verizon an out from its $4.8 billion bid to buy the flagging search giant.

But Yahoo's fortunes are looking a little brighter this week after it posted a rise in third-quarter profit, exceeding analysts' expectations. The technology giant also reports that page view counts and use of its email service increased after the breach.

With Yahoo delivering its breach notification to the public just one week before the end of its third quarter, however, the jury is arguably still out on whether the breach's full impact has yet to be felt.

On Oct. 18, Yahoo released its quarterly results for July 1 to Sept. 30, reporting quarterly net earnings of $162.8 million, up from $76.3 million in the third quarter of 2015. Analysts expected the company to report earnings of 14 cents per share - minus certain expenses - compared to 15 cents in the same period last year. But Yahoo exceeded expectations by reporting earnings of 20 cents per share. The company says that it's also on track to post stronger-than-expected earnings for the current quarter.

Yahoo, however, declined to hold its usual earnings call with investors. The company said it made that decision in light of its in-progress sale to Verizon, which is expected to close in the first quarter of 2017. But the move also enabled Yahoo to avoid any pointed questions about its massive data breach, which it discovered in August.

The company announced the breach on Sept. 22, just eight days shy of the end of its third quarter, saying that in late 2014, it suffered a massive data breach that resulted in the theft of "information associated with at least 500 million user accounts."

In its earnings report, Yahoo offered no insights into exactly how it suffered its data breach, which is the largest that's ever been seen.

Instead, CEO Marissa Mayer said in a statement that the company has been working hard to retain users and is "heartened" by the increased page views and email usage since its breach. "We remain very confident, not only in the value of our business, but also in the value Yahoo products bring to our users' lives," she said.

On the Rocks

But analysts warn that the company is running out of time, unless it successfully wraps up the Verizon deal. Notably, its third-quarter EBITDA - earnings before interest, tax, depreciation and amortization, which is a more accurate measure of a company's operational performance than looking at net income - fell by 6 percent from the same period last year, hitting $229 million.

Yahoo's core advertising revenue business is in decline. After subtracting advertising commissions paid by Yahoo to partners, its third-quarter ad revenue was $857.7 million, a decline of 14 percent from the same period last year. In seven of the last eight quarters, furthermore, it's seen ad revenue decline.

And Yahoo will continue to lose market share to Google and Facebook, accounting for just 1.8 percent of net digital ad revenue worldwide this year, down from 2.4 percent in 2015, eMarketer predicts. The market researcher also expects Yahoo's worldwide ad revenue to drop 10.2 percent in 2016, after they declined 3.5 percent in 2015.

Short-Term Bump?

Many experts say it's too soon to tell whether the breach - or revelations over an alleged U.S. government email-spying order - have irrevocably damaged Yahoo. Facing questions about the email-scanning report, company officials have described Yahoo as a "law-abiding company." But Yahoo has also called on the U.S. government to publicly divulge exactly what it requested of Yahoo (see Yahoo Asks US Government to Declassify Spying Order) .

While Yahoo has emphasized that page views and email usage increased after the breach, such a turn of events was predicted last month by Mikko Hypponen, chief research officer of Finnish security firm F-Secure. He said that Yahoo would see a surge of advertising revenue from users who heard about the breach and logged on to Yahoo to change their password or perhaps attempt to shut down their accounts. Such behavior would likely have inflated page views and Yahoo mail usage.

Yahoo's ad revenue is skyrocketing, as 500 million users log in to Yahoo for the first time in years. To change their password and log out.

Following the earnings report, however, Ronald Josey, an analyst for investment bank JMP Securities, told Reuters that it's still too soon to tell if the breach caused irrevocable damage. But he said that the customer trends detailed by Yahoo are "encouraging."

"The message here is email and messaging is a very sticky product and people want to get to their messages," Josey said.

Question: Material Impact

Verizon, however, has already signaled that it may be getting antsy over its Yahoo bid. While Verizon CEO Lowell McAdam dismissed a report that the company would seek a $1 billion discount in Yahoo's sale price as "speculation," he didn't rule it out. And last week, Verizon's top lawyer said the company "has a reasonable basis" to question whether the breach will have a material impact on Yahoo's value.

"We're looking to Yahoo to demonstrate to us the full impact if they believe it's not [material]," Verizon general counsel Craig Silliman told reporters, according to The Washington Post. "They'll need to show us that, but the process is in the works."

Yahoo, meanwhile, says in a statement: "We are confident in Yahoo's value and we continue to work toward integration with Verizon."

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.